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Status of the Claims 

The listing of claims will replace all prior versions, and listings of claims in the 
application. 

1 . (currently amended) A method of providing automated document 
retention for an electronic document documents , said method comprising: 
obtaining an electronic document; 

(a) assigning a document retention policy to the electronic document, the 
document retention policy being based on a future event that is unscheduled; and 

(b) cryptographically imposing associating the document retention policy with en 
the electronic document. 



2. (currently amended) The A method as recited in claim 1 , wherein said 
method further comprising comprises : 

(c) subsequently determining whether the future event has occurred; and 

(d) cryptographically preventing access to the electronic document in accordance 
with the document retention policy based on the occurrence of the future event. 



3. (currently amended) The A method as recited in claim 2, wherein: 
wher e in said determining step (c) is periodically performed. 
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4. (currently amended) The A method as recited in claim 2, wherein: 
wherein said determining step (c) is performed by interacting with a network accessible 
resource. 

5. (currently amended) The A method as recited in claim 2, wherein: 
wherein said determining step (c) is performed by interacting with a web accessible 
resource. 

6. (currently amended) The A method as recited in claim 5, wherein said 
determining step (c) comprises: 

supplying a future event description of the future event to the web accessible 
resource; and 

determining, at the web accessible resource, whether the future event has 
occurred. 

7. (currently amended) The A method as recited in claim 6, wherein said 
supplying is achieved by a universal resource locator associated with the future event 
description. 

8. (currently amended) The A method as recited in claim 5, wherein said 
d e termining comprises step (c) comprises: 

supplying the future event description to a contract management system; and 
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determining, at the contract management system, whether the future event has 
occurred. 

9. (currently amended) The A method as recited in claim 1 , wherein: 
wherein said impo s ing operates to utilize step (b) utilizes a cryptographic key to 

impose associate the document retention policy, and 

wherein the document retention policy specifies a document retention period 
based on the future event. 

10. (currently amended) The A method as recited in claim 9, wherein the 
document retention policy specifies a document retention period that expires a 
predetermined period of time after the occurrence of the future event. 

1 1 . (currently amended) The A method as recited in claim 9, wherein said 
method further comprising comprises : 

determining wheth e r the docum e nt r e t e ntion p e riod has e xpired; and 

(c) deactivating the cryptographic key when said d e t e rmining determines that the 

a_document retention period has expired, thereby preventing further access to the 

electronic document. 

12. (currently amended) The A method as recited in claim 1 1 , wherein said 
method further comprisin g compris e s : 
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(d) permitting said deactivating step (c) to be overridden so that the electronic 

document can remain accessible even after the document retention period. 

13. (currently amended) The A method for restricting access to an electronic 
document, said method comprising: 

identifying an electronic document to be secured, the electronic document having 
at least a data portion that contains data; 
obtaining a document key; 

encrypting the data portion of the electronic document using the document key to 
produce an encrypted data portion; 

obtaining a retention access key, the retention access key being used to enforce a 
document retention policy on the electronic document; 

encrypting the document key using the retention access key to produce an 
encrypted document key; 

forming a secured electronic document from at least the encrypted data portion 
and the encrypted document key; and 

storing the secured electronic document. 

14. (currently amended) The A method as recited in claim 13, wherein the 
retention access key is a public retention access key. 

15. (currently amended) The A method as recited in claim 13, wherein the 
document retention policy is dependent on a future event that is presently unscheduled, 
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and the retention access key is used to enforce the document retention policy on the 

electronic document. 

16. (currently amended) The A method as recited in claim 1 5, wherein the 
retention access key is subsequently available from a remote key store only so long as a 
document retention period of the document retention policy has not been exceeded. 

17. (currently amended) The A method as recited in claim 16, wherein the 
document retention period is a predetermined period of time after the occurrence of the 
future event. 

18. (currently amended) The A method as recited in claim 1 7, wherein said 
method further comprises: 

extending the predetermined period of time after the occurrence of the future 

event. 

19. (currently amended) The A method as recited in claim 15, wherein said 
method is performed on a client machine that operatively receives the retention access 
key from the remote key store over a network. 

20. (Original) A method for accessing a secured electronic document by a 
requestor, the secured electronic document having at least a header portion and a data 
portion, said method comprising: 
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obtaining a retention access key, the retention access key being used to enforce a 
document retention policy on the electronic document; 

obtaining an encrypted document key from the header portion of the secured 
electronic document; 

decrypting the encrypted document key using the retention access key to produce 
a document key; 

decrypting an encrypted data portion of the secured electronic document using 
the document key to produce a data portion; and 
supplying the data portion to the requestor. 

21 . (currently amended) The A method as recited in claim 20, wherein the 
retention access key is identified by an indicator within a header portion of the secured 
electronic document. 

22. (currently amended) The A method as recited in claim 20, wherein the 
retention access key is a private retention access key. 

23. (currently amended) The A method as recited in claim 20, wherein, if 
permitted, said obtaining obtains the retention access key being obtained from a server. 

24. (currently amended) The A method as recited in claim 20, wherein the 
document retention policy is dependent on a future event that is presently unscheduled, 
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and the retention access key is used to enforce the document retention policy on the 

electronic document. 

25. (currently amended) The A method as recited in claim 20, wherein the 
retention access key is available only so long as a document retention period of the 
document retention policy has not been exceeded. 

26. (currently amended) The A method as recited in claim 25, wherein the 
document retention period is a predetermined period of time after the occurrence of the 
future event. 

27. (currently amended) The A method as recited in claim 20, wherein the 
retention access key is available from a remote key store only so long as a document 
retention period of the document retention policy has not been exceeded. 

28. (currently amended) The A method as recited in claim 20, wherein the 
retention access key is available only so long as a document retention period of the 
document retention policy has not been exceeded, the document retention period can be 
extended to permit extended access to the electronic document. 

29. (Original) A method for distributing cryptographic keys used in a file 
security system, said method comprising: 
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receiving a request for a document retention key that is necessary to gain access 
to a cryptographically secured electronic document; 

identifying a document retention period associated with the document retention 
key, the document retention period being dependent on a future event that was 
unscheduled when the document retention period was associated with the electronic 
document; 

determining whether the document retention period associated with the document 
retention key has been exceeded; and 

refusing to distribute the document retention key in response to the request when 
said determining indicates that the document retention period for the electronic document 
has been exceeded. 

30. (currently amended) The A method as recited in claim 29, wherein the 
document retention period is a predetermined period of time after the occurrence of the 
future event. 

3 1 . (currently amended) The A method as recited in claim 29, wherein said 
method is performed at a server, and wherein the request for the document retention key 
is from a client module that is connectable to the server via a network. 

32. (currently amended) The A method as recited in claim 29, wherein the 
document retention period can be extended to permit extended access to the electronic 
document. 
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33. (Original) A file security system for restricting access to electronic files, 
said file security system comprising: 

a key store that stores a plurality of cryptographic key pairs, each of the 
cryptographic key pairs including a public key and a private key, at least one of the 

cryptographic key pairs pertaining to a retention policy, the retention policy being 
dependent on a future event; and 

an access manager operatively connected to said key store, said access manager 
determines whether the private key of the at least one of the cryptographic key pairs 
pertaining to the retention policy is permitted to be provided to a requestor based on 
whether the future event has occurred, 

wherein the requestor requires the private key of the at least one of the 
cryptographic key pairs pertaining to the retention policy to access a secured electronic 
file, and wherein the secured electronic file was previously secured using the public key 
of the at least one of the cryptographic key pairs pertaining to the retention policy, and at 
the time the electronic file was so secured, the future event was unscheduled. 

34. (currently amended) The A file security system as recited in claim 33, 
wherein said access manager prevents the private key of the at least one of the 
cryptographic key pairs pertaining to the predetermined time from being provided to the 
requestor after a predetermined retention period following the occurrence of the future 
event. 
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35. (currently amended) The A file security system as recited in claim 33, 
wherein the requestor is a client module that operatively connects to said access manager 
over a network. 

36. (currently amended) The A file security system as recited in claim 33, 
wherein said file security system further comprises: 

at least one client module, said client module assisting a user in selecting the 
retention policy, and said client module securing the electronic file using the public key 
of the at least one of the cryptographic key pairs pertaining to the retention policy so as 
to cryptographically impose the retention policy. 

37. (currently amended) The A file security system as recited in claim 33, 
wherein said file security system further comprises: 

at least one client module, said client module assisting with unsecuring the 
secured electronic file by acquiring the private key of the at least one of the 
cryptographic key pairs that pertains to the retention policy from said key store if 
permitted by said access manager, and then unsecuring the secured electronic file using 
the private key of the at least one of the cryptographic key pairs that pertains to the 
retention policy. 

38. (Original) A computer readable medium including at least computer 
program code for providing automat e d data retention for electronic data, said computer 
readable medium comprising: 
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computer program code for obtaining electronic data; 

computer program code for assigning a data retention policy to the electronic 
data, the data retention policy being based on a future event that is unscheduled; and 

computer program code for cryptographically imposing associating the data 
retention policy to with the electronic data. 

39. (currently amended) The A computer readable medium as recited in claim 

38, wherein said computer readable medium further comprises: 

computer program code for subsequently determining whether the future event 
has occurred; and 

computer program code for cryptographically preventing access to the electronic 
data in accordance with the data retention policy based on the occurrence of the future 
event. 

40. (currently amended) The A computer readable medium as recited in claim 

39, wherein the electronic data is an electronic file. 

41 . (currently amended) The A computer readable medium as recited in claim 
39, wherein the electronic data is an electronic document. 
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42. (currently amended) The A computer readable medium as recited in claim 
38 wherein: T J 

wherein said computer program code fo r imposing associating operates to utilize 
a cryptographic key to impose associate the data retention policy, and 

wherein the data retention policy specifies a data retention period based on the 
future event. 

43. (currently amended) The A computer readable medium as recited in claim 
42 wherein:) ",] 

wherein the data retention policy specifies a data retention period that expires a 
predetermined period of time after the occurrence of the future event, and 

wherein said computer readable medium further comprises: 

computer program code for determining whether the data retention period 
has expired; and 

computer program code for deactivating the cryptographic key when it is 
determined that the data retention period has expired, thereby preventing further access 
to the electronic data. 

44. (currently amended) The A computer readable medium as recited in claim 
43, wherein said computer readable medium further comprises: 

computer program code for permitting said computer program code for 
deactivating to be overridden so that the electronic data can remain accessible even after 
the data retention period. 
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